© 2012 Lathrop & Gage LLP

ILTA SOS Webinar: Remove Administrator Rights and Secure a Law Firm’s Greatest Asset- Its Reputation

Sean M. Power

Chief Information Officer

April 2013

© 2012 Lathrop & Gage LLP

About Lathrop & Gage, LLP

Founded in 1873, known as the oldest law firm west of the Mississippi River Approximately 850 desktops and laptops 315 Attorneys Highly-mobile, distributed work force:

• 11 offices across the US

© 2012 Lathrop & Gage LLP

Desktop Environment Challenges

850 desktops and laptops running multiple configurations Nearly 200 applications, many customized Extensive mobile workforce Previously all users ran with administrator rights Much trepidation by some about removing administrator rights. Moved to a fully locked down desktop environment with all users running as limited

users. Attorney’s need flexible user control of PCs

© 2012 Lathrop & Gage LLP

The Solution

Very effective reporting on what precisely needs privilege elevation especially third party legal review websites with Active X add-ins.

Ability to control and manage our distributed PCs over a secure internet connection Elevate privileges on the fly regardless of attorney’s work location Policies are propagated immediately No need to initiate remote desktop and use RUN AS

• Significant when running and installing programs as the user, not in the administrator context

Ability to flexibly manage our locked-down environment Easy discovery of what rights are needs to run challenging applications Recording of privilege elevation events for auditing

© 2012 Lathrop & Gage LLP

The Results

Manage user access privileges effectively, efficiently, extremely timely manner User still does not require admin rights Increased productivity immensely for IT staff and end users Much better control for software compliance considerations Significant reduction in malware incidence or severe limitation in the effect of

malware if it gains a foothold, often constrained to individual profile – this is very useful if someone is travelling and out of the office

Application configuration files and the registry can be effectively controlled Allows people to focus on the job Case study:

www.viewfinity.com/ Resources/CaseStudies/LathropGage.aspx

Leading the Privilege Management Sector

Eliminate Admin Rights with Viewfinity

Viewfinity

• Worldwide Leader in Least Privilege Management• Only PM Vendor to offer GPO, SaaS, and Server options• HQ in Boston with offices in The Netherlands, Germany,

Israel and Ukraine• Strategic partnerships with Microsoft, CA, McAfee, Centrify

Our Mantra: Eliminate administrative rights

without disrupting end user productivity!

Viewfinity Inc. Confidential

Users with Admin Rights can….• Install kernel-mode root kits• Install system-level level key loggers• Install ActiveX controls, including IE and Explorer extensions• Install spyware and adware• Install and start services• Stop existing services (such as the firewall)• Access data belonging to other users• Cause code to run whenever anybody else logs on to that system• Replace OS and other program files with Trojan horses• Disable/uninstall anti-virus virus• Create and modify user accounts• Reset local passwords• Render the machine unbootable …

Private Cloud*

Viewfinity Server – optional deployment in DMZ

Public Cloud

GPO Architecture

Flexible Delivery Methods

Quick Preview

• Discover users with local administrative rights• Discover applications requiring administrative rights• Privilege elevation policies • Auditing & reporting for compliance validation

Discover User Accounts that Have Local Administrative Rights

WWW.VIEWFINITY.COM

Visit our website for resources and to begin your product evaluation

WWW.VIEWFINITY.COM/INTRODUCTION_FLASH.HTM2 minute flash video overview of the Viewfinity product